Famous Attacks#
Some cyber vulnerabilities have become famous. Sometime by the impact, some by the research paper and the impact on the security field!
This is an opinionated collection of vulnerabilities and attacks that are so special, that the have an own website and often also one or more research papers.
Warning
Most so called old famous attacks and vulnerabilities are still actively used. Since patching and fixing hardware, firmware and software components is hard, complex and sometimes not possible at all!
Attacks#
Apache Log4j Vulnerability Guidance
Log4shell is a critical vulnerability in the widely-used logging tool Log4j, which is used by millions of computers worldwide running online services. A wide range of people, including organisations, governments and individuals are still vulnerable…
CacheWarp
CacheWarp is a software fault attack on AMD SEV-ES and SEV-SNP. It allows attackers to hijack control flow, break into encrypted VMs, and perform privilege escalation inside the VM.
Downfall attacks
Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers. This vulnerability, identified as CVE-2022-40982, enables a user to access and steal data from other users who share the same computer.
Meltdown and Spectre
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer.
The Marvin Attack
The Marvin Attack is a return of a 25 year old vulnerability that allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed with the private key.